module
Apache ActiveMQ 5.x-5.11.1 Directory Traversal Shell Upload
| Disclosed |
|---|
| Aug 19, 2015 |
Disclosed
Aug 19, 2015
Description
This module exploits a directory traversal vulnerability (CVE-2015-1830) in Apache
ActiveMQ 5.x before 5.11.2 for Windows.
The module tries to upload a JSP payload to the /admin directory via the traversal
path /fileserver/..\admin\ using an HTTP PUT request with the default ActiveMQ
credentials admin:admin (or other credentials provided by the user). It then issues
an HTTP GET request to /admin/.jsp on the target in order to trigger the
payload and obtain a shell.
ActiveMQ 5.x before 5.11.2 for Windows.
The module tries to upload a JSP payload to the /admin directory via the traversal
path /fileserver/..\admin\ using an HTTP PUT request with the default ActiveMQ
credentials admin:admin (or other credentials provided by the user). It then issues
an HTTP GET request to /admin/.jsp on the target in order to trigger the
payload and obtain a shell.
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.